The company disclosed on Friday that the massive data theft was significantly more extensive and affected millions more shoppers than the company reported in December. As a result of the breach, millions of Target customers have become vulnerable to identity theft, experts say.
The nation’s second largest discounter said hackers stole personal information from as many as 70 million customers as part of a data breach it discovered last month.
Target announced Dec. 19 that some 40 million credit and debit card accounts had been affected by a data breach that happened between Nov. 27 and Dec. 15 – just as the holiday shopping season was getting into gear. As part of that announcement, the company said customers’ names, credit and debit card numbers, card expiration dates, debit-card PINs and the embedded code on the magnetic strip on the back of cards had been stolen.
According to new information gleaned from its investigation, Target said Friday that criminals also took non-credit card related data for some 70 million shoppers who could have made purchases at Target stores outside the late Nov. to mid-Dec. timeframe.
Colleen McCarthy, 26, of Cleveland, Ohio, is among those who are avoiding Target. McCarthy used her Chase debit card at a local Target on the Friday after Thanksgiving and received a notice from Chase a few days after news of the breach first broke. At the time, she was only somewhat concerned.
But Monday night McCarthy received a call from Chase, alerting her that someone tried to use her debit account twice in Michigan. The thief cleared $150, which caused her rent check to bounce. Chase restored the money to her account.
“This has been a nightmare,” she said. “My rent check bounced. My debit card had to be canceled. And who’s to say what other people have access to my information?”
Target tried to woo scared shoppers back to stores on the last weekend before Christmas with a 10 percent discount on nearly everything in its stores. Target is also offering a year of free credit monitoring and identity theft protection to customers that shopped at its stores.
Still, some experts believe the company should do more. Johnson of Strategic Vision says Target needs to rebuild shoppers’ trust. He believes Target needs to air TV commercials assuring them that it’s safe to shop in its stores. It also should offer more incentives like deeper discounts to woo consumers, Johnson said.
Clearly, Target shoppers were scared off during the holiday season, when stores can make roughly 20 percent to 40 percent of their annual revenue.
The Minneapolis company also said that it now foresees fourth-quarter sales at stores open at least a year will be down about 2.5 percent. It previously predicted those sales would be about flat.
This figure is a closely-watched indicator of a retailer’s health.
Target cautioned that its fourth-quarter financials may include charges related to the data breach. The chain said the costs tied to the breach may have an adverse effect on its quarterly results, as well as future periods.
The company has 1,921 stores, with 1,797 locations in the U.S. and 124 in Canada.